From 89847d5684b9ea734333ae795d673e28de788885 Mon Sep 17 00:00:00 2001
From: Ayaz Ahmed Khan <ayaz@ayaz.pk>
Date: Wed, 12 Jul 2017 12:51:12 +0500
Subject: [PATCH] Explicitly defines the --kubelet-preferred-address-types
 parameter to the API server configuration.

This solves the problem where if you have non-resolvable node names,
and try to scale the server by adding new nodes, kubectl commands
start to fail for newly added nodes, giving a TCP timeout error when
trying to resolve the node hostname against a public DNS.
---
 roles/kubernetes/master/defaults/main.yml                      | 3 +++
 .../master/templates/manifests/kube-apiserver.manifest.j2      | 1 +
 2 files changed, 4 insertions(+)

diff --git a/roles/kubernetes/master/defaults/main.yml b/roles/kubernetes/master/defaults/main.yml
index 64a71fc22..59e528822 100644
--- a/roles/kubernetes/master/defaults/main.yml
+++ b/roles/kubernetes/master/defaults/main.yml
@@ -78,6 +78,9 @@ kube_oidc_auth: false
 ## Variables for custom flags
 apiserver_custom_flags: []
 
+# List of the preferred NodeAddressTypes to use for kubelet connections.
+kubelet_preferred_address_types: 'InternalDNS,InternalIP,Hostname,ExternalDNS,ExternalIP'
+
 controller_mgr_custom_flags: []
 
 scheduler_custom_flags: []
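Review bot: The comment above `kubelet_preferred_address_types` does not say that the value is an ordered precedence list, nor that its last two entries let the API server fall back to a node's external address. For a node that reports only ExternalDNS or ExternalIP, API server to kubelet connections (logs, exec, port-forward) would go to that externally reachable address, which some operators will want to rule out by trimming the list. I would extend the comment to something like `# Comma-separated string, ordered by preference; the first type a node reports is used.` followed by `# Remove ExternalDNS/ExternalIP if kubelet traffic must stay on the internal network.` Saying that a string is expected also helps, because the neighbouring `*_custom_flags` variables are lists and the template renders this value as-is.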
diff --git a/roles/kubernetes/master/templates/manifests/kube-apiserver.manifest.j2 b/roles/kubernetes/master/templates/manifests/kube-apiserver.manifest.j2
index bee13b4ec..0dbe93cab 100644
--- a/roles/kubernetes/master/templates/manifests/kube-apiserver.manifest.j2
+++ b/roles/kubernetes/master/templates/manifests/kube-apiserver.manifest.j2
@@ -51,6 +51,7 @@ spec:
     - --kubelet-client-certificate={{ kube_cert_dir }}/node-{{ inventory_hostname }}.pem
     - --kubelet-client-key={{ kube_cert_dir }}/node-{{ inventory_hostname }}-key.pem
     - --service-account-lookup=true
+    - --kubelet-preferred-address-types={{ kubelet_preferred_address_types }}
 {% if kube_basic_auth|default(true) %}
     - --basic-auth-file={{ kube_users_dir }}/known_users.csv
 {% endif %}
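Review bot: The added `--kubelet-preferred-address-types` argument changes which node address the API server dials, but nothing near it documents that the choice depends on the kubelet serving certificate. Whether `--kubelet-certificate-authority` is passed is not visible here, since the args list starts and ends outside the hunk. If it is set, or is enabled later, the kubelet certificates need SANs for the InternalDNS name and InternalIP that are now tried before Hostname, otherwise logs and exec will fail certificate verification. A one-line template comment above the flag would record this, for example `{# Address types preferred here must be covered by SANs in the kubelet serving certificates. #}`.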
-- 
GitLab